QUESTION: 177

An enterprise learns that a new privacy regulation was recently published to protect customers in the event of a breach involving personally identifiable information (PII). The IT risk management team’s FIRST course of action should be to:

evaluate the risk appetite for the new regulation.
determine if the new regulation introduces new risk.
assign a risk owner for the new regulation.
define the risk tolerance for the new regulation.

Answer(s): C

Reveal Solution Next Question

QUESTION: 178

When designing an IT governance framework, the PRIMARY consideration should be to:

comply with external monitoring standards.
ensure stakeholders receive value from IT.
require cost-benefit analysis before implementing controls.
benchmark controls against industry best practices.

Answer(s): C

Reveal Solution Next Question

QUESTION: 179

The PRIMARY objective of IT resource planning within an enterprise should be to:

maximize value received from IT.
determine risk associated with IT resources.
determine IT outsourcing options.
finalize service level agreements for IT.

Answer(s): A

Reveal Solution Next Question

QUESTION: 180

A global enterprise is experiencing an economic downturn and is rapidly losing market share. IT senior management is reassessing the core activities of the business, including IT, and the associated resource implications. Management has decided to focus on its local market and to close international operations. A critical issue from a resource management perspective is to retain the most capable staff. This is BEST achieved by:

reviewing current goals-based performance appraisals across the enterprise.
retaining capable staff exclusively from the local market.
ranking employees across the enterprise based on length of service.
ranking employees across the enterprise based on their compensation.

Answer(s): C

Reveal Solution Next Question

Free CGEIT Exam Braindumps (page: 46)

QUESTION: 177

QUESTION: 178

QUESTION: 179

QUESTION: 180

CGEIT Discussions & Posts